Welcome!

Real-World SOA Book: Blog Post

API Management Invasion: SOA At the Gates

API Management Best Practices are being used for Internal API Management

One of the most surprising moments of my talk at QCon San Francisco last week was when I asked the audience who is ‘doing’ service oriented architecture inside their Enterprise.

API Management Best Practices are being used for Internal API Management

API Management Best Practices are being used for Internal API Management

Everyone raised their hand, or nearly everyone. There was no hesitation. The question was clear and the response was swift. Attendees didn’t look around to see if they were the only one riding this ‘dead’ trend. Instinct took over and hands shot up all around. The same question last year at the same conference yielded a positive response from less than half the respondents. Sure, this experiment is anecdotal with a mere slice of the relevant respondents and absolutely no control group, but I think it validates Gartner’s plateau of productivity for services. Productive yes, but maximally productive – no. For internal services to be realized more fully, SOA needs API management.

API Sharing – What’s That?
I talked to attendee after attendee, all with a similar story. The story was how their Enterprise decomposed their assets into programmable services using SOA and hosted their services on vendor platforms (IBM,Tibco, Microsoft) and/or open source. An informal survey yielded most developers using Spring, Jersey or Ruby on Rails as popular ways to host internal services. While services were plentiful, there was simply no single pane of glass, or single source of the truth for internal developers to go to discover and make use of disparate services.

APIs, which in one sense are the closest thing to any developer’s heart, were also the most elusive. For the day to day practitioner, the developer, there is still a significant mental gap between SOAP web services and “APIs.” Many attendees hadn’t heard of solutions for internal SOA governance of the registry/repository ilk and the distance between SOAP and API management seems like light-years. Public and open API programs didn’t seem to “apply” to the quandary of the day to day developer.

Even when valuable functionality is implemented, I heard horror stories of services being implemented twice or three times over in different parts of the Enterprise simply because developers didn’t know that this functionality already existed and had no good way to reuse the components. A service hiding behind a WSDL on Microsoft .NET with zero discoverability is like an invisibility cloak on your SOA. The functionality is there, but almost impossible to use unless you are the original developer or  an asetic monk that regularly engages in <wsdl:definitions> tag torture.

It’s time for an API Management invasion. API management has optimized the process for developer on-boarding and fast time to market for services.  Developer portals shine in solving this problem. Why? Because they’ve been battle-tested on the open Internet, with hundreds or thousands of “zero-trust” developers. The model is there, it just needs a way to invade the Enterprise. If you are like any of the attendees I talked to last week and already have a SOA that isn’t delivering value, consider how you might apply best practices such as an internal developer portal, fast on-boarding processes, interactive documentation, analytics and other best practices from the open API movement to evangelize and share your components from within. Invade your SOA with API Management.

API Management Enables Internal APIs

Expressway helps Enterprises power internal and hybrid APIs

The post API Management Invasion: SOA At the Gates appeared first on Application Security.

Read the original blog entry...

More Stories By Blake Dournaee

Blake Dournaee is currently the product manager responsible for Intel SOA products. As a product manager at Sarvega, he was deeply involved in the development of their flagship XML security, routing and acceleration appliance products. He was a specialist in applied cryptography applications at RSA Security and was a frequent speaker at many RSA conferences throughout the US and Europe. Dournaee is an established author who wrote the first book on XML Security and co-authored SOA Demystified from Intel press.

Latest Stories
Identity is in everything and customers are looking to their providers to ensure the security of their identities, transactions and data. With the increased reliance on cloud-based services, service providers must build security and trust into their offerings, adding value to customers and improving the user experience. Making identity, security and privacy easy for customers provides a unique advantage over the competition.
All clouds are not equal. To succeed in a DevOps context, organizations should plan to develop/deploy apps across a choice of on-premise and public clouds simultaneously depending on the business needs. This is where the concept of the Lean Cloud comes in - resting on the idea that you often need to relocate your app modules over their life cycles for both innovation and operational efficiency in the cloud. In his session at @DevOpsSummit at19th Cloud Expo, Valentin (Val) Bercovici, CTO of So...
SYS-CON Events announced today that Commvault, a global leader in enterprise data protection and information management, has been named “Bronze Sponsor” of SYS-CON's 19th International Cloud Expo, which will take place on November 1–3, 2016, at the Santa Clara Convention Center in Santa Clara, CA. Commvault is a leading provider of data protection and information management solutions, helping companies worldwide activate their data to drive more value and business insight and to transform moder...
SYS-CON Events announced today that eCube Systems, a leading provider of middleware modernization, integration, and management solutions, will exhibit at @DevOpsSummit at 19th International Cloud Expo, which will take place on November 1–3, 2016, at the Santa Clara Convention Center in Santa Clara, CA. eCube Systems offers a family of middleware evolution products and services that maximize return on technology investment by leveraging existing technical equity to meet evolving business needs. ...
Personalization has long been the holy grail of marketing. Simply stated, communicate the most relevant offer to the right person and you will increase sales. To achieve this, you must understand the individual. Consequently, digital marketers developed many ways to gather and leverage customer information to deliver targeted experiences. In his session at @ThingsExpo, Lou Casal, Founder and Principal Consultant at Practicala, discussed how the Internet of Things (IoT) has accelerated our abil...
SYS-CON Events has announced today that Roger Strukhoff has been named conference chair of Cloud Expo and @ThingsExpo 2016 Silicon Valley. The 19th Cloud Expo and 6th @ThingsExpo will take place on November 1-3, 2016, at the Santa Clara Convention Center in Santa Clara, CA. "The Internet of Things brings trillions of dollars of opportunity to developers and enterprise IT, no matter how you measure it," stated Roger Strukhoff. "More importantly, it leverages the power of devices and the Interne...
Whether they’re located in a public, private, or hybrid cloud environment, cloud technologies are constantly evolving. While the innovation is exciting, the end mission of delivering business value and rapidly producing incremental product features is paramount. In his session at @DevOpsSummit at 19th Cloud Expo, Kiran Chitturi, CTO Architect at Sungard AS, will discuss DevOps culture, its evolution of frameworks and technologies, and how it is achieving maturity. He will also cover various st...
Digital innovation is the next big wave of business transformation based on digital technologies of which IoT and Big Data are key components, For example: Business boundary innovation is a challenge to excavate third-party business value using IoT and BigData, like Nest Business structure innovation may propose re-building business structure from scratch, as Uber does in the taxicab industry The social model innovation is also a big challenge to the new social architecture with the design fr...
So, you bought into the current machine learning craze and went on to collect millions/billions of records from this promising new data source. Now, what do you do with them? Too often, the abundance of data quickly turns into an abundance of problems. How do you extract that "magic essence" from your data without falling into the common pitfalls? In her session at @ThingsExpo, Natalia Ponomareva, Software Engineer at Google, provided tips on how to be successful in large scale machine learning...
If you had a chance to enter on the ground level of the largest e-commerce market in the world – would you? China is the world’s most populated country with the second largest economy and the world’s fastest growing market. It is estimated that by 2018 the Chinese market will be reaching over $30 billion in gaming revenue alone. Admittedly for a foreign company, doing business in China can be challenging. Often changing laws, administrative regulations and the often inscrutable Chinese Interne...
Why do your mobile transformations need to happen today? Mobile is the strategy that enterprise transformation centers on to drive customer engagement. In his general session at @ThingsExpo, Roger Woods, Director, Mobile Product & Strategy – Adobe Marketing Cloud, covered key IoT and mobile trends that are forcing mobile transformation, key components of a solid mobile strategy and explored how brands are effectively driving mobile change throughout the enterprise.
In his session at @ThingsExpo, Kausik Sridharabalan, founder and CTO of Pulzze Systems, Inc., will focus on key challenges in building an Internet of Things solution infrastructure. He will shed light on efficient ways of defining interactions within IoT solutions, leading to cost and time reduction. He will also introduce ways to handle data and how one can develop IoT solutions that are lean, flexible and configurable, thus making IoT infrastructure agile and scalable.
Creating replica copies to tolerate a certain number of failures is easy, but very expensive at cloud-scale. Conventional RAID has lower overhead, but it is limited in the number of failures it can tolerate. And the management is like herding cats (overseeing capacity, rebuilds, migrations, and degraded performance). Download Slide Deck: ▸ Here In his general session at 18th Cloud Expo, Scott Cleland, Senior Director of Product Marketing for the HGST Cloud Infrastructure Business Unit, discusse...
Data is an unusual currency; it is not restricted by the same transactional limitations as money or people. In fact, the more that you leverage your data across multiple business use cases, the more valuable it becomes to the organization. And the same can be said about the organization’s analytics. In his session at 19th Cloud Expo, Bill Schmarzo, CTO for the Big Data Practice at EMC, will introduce a methodology for capturing, enriching and sharing data (and analytics) across the organizati...
SYS-CON Events announced today that Bsquare has been named “Silver Sponsor” of SYS-CON's @ThingsExpo, which will take place on November 1–3, 2016, at the Santa Clara Convention Center in Santa Clara, CA. For more than two decades, Bsquare has helped its customers extract business value from a broad array of physical assets by making them intelligent, connecting them, and using the data they generate to optimize business processes.